Americans are generous in spirit, often seeking to help those who have fallen on hard times. Whether it’s the neighbor whose home was destroyed by fire or those made homeless after a major storm, we like to know how we can help. Local, national, and international charities spread the gift of kindness by delivering much-needed […]
Five Best Practices for Safeguarding Against Ransomware Attacks:
- Backup your data, system images, and configurations, regularly test them, and keep the backups offline: Ensure that backups are regularly tested and that they are not connected to the business network, as many ransomware variants try to find and encrypt or delete accessible backups. Maintaining current backups offline is critical because if your network data is encrypted with ransomware, your organization can restore systems.
- Update and patch systems promptly: This includes maintaining the security of operating systems, applications, and firmware, in a timely manner. Consider using a centralized patch management system; use a risk-based assessment strategy to drive your patch management program.
- Test your incident response plan: There’s nothing that shows the gaps in plans more than testing them. Run through some core questions and use those to build an incident response plan: Are you able to sustain business operations without access to certain systems? For how long? Would you turn off your manufacturing operations if business systems such as billing were offline?
- Check your security team’s work: Use a 3rd party pen tester to test the security of your systems and your ability to defend against a sophisticated attack. Many ransomware criminals are aggressive and sophisticated and will find the equivalent of unlocked doors.
- Segment your networks: There’s been a recent shift in ransomware attacks – from stealing data to disrupting operations. It’s critically important that your corporate business functions and manufacturing/production operations are separated and that you carefully filter and limit internet access to operational networks, identify links between these networks and develop workarounds or manual controls to ensure ICS networks can be isolated and continue operating if your corporate network is compromised. Regularly test contingency plans such as manual controls so that safety-critical functions can be maintained during a cyber incident
Scammers Await the American Rescue Plan Act
As part of the American Rescue Plan Act, eligible families will get monthly payments from the government from July 15 through December 2021. The Internal Revenue Service (IRS) will send these monthly payments directly to people through direct deposit, paper checks, or debit cards. This inevitably leads to fraud scams targeting your customers. Institutions should begin updating their loss prevention plans to look for suspicious activity and by notifying customers that:
- Only the IRS will be sending these payments. Anyone trying to “help” you get your child tax credit is really after your money.
- The government will NEVER call, text, email, or DM you out of the blue, asking for money or information. Keep your money — and your Social Security, bank account, debit, and credit card numbers — to yourself
- No legitimate agency will ever demand that you pay by gift card, wire transfer through companies like Money Gram or Western Union, or cryptocurrency. That’s a scam, every time.
Stay Ahead of the Scam- Call Spoofing
Call spoofing is a tactic used by criminals to make a fraudulent call appear legitimate. These scammers transmit text to your caller ID making it look like your bank, the government, or a trusted company is calling. So how do you stay ahead of the scam?
- Be cautious if your caller ID indicates Union Bank, the government, or other organization is calling.
- Be suspicious. No legitimate organization will call you and request your account number, PIN, debit card, online banking credentials, or social security number.
- Don’t be intimidated. No legitimate organization will threaten you with arrest, require you to purchase gift cards to settle a debt, or ask you to conduct test transactions.
- Don’t be fooled. Scammers often do research on their victims and know personal information such as children’s/grandchildren’s names, dates of birth, or home addresses and will use this to attempt to sound legitimate.
If you are unsure about the legitimacy of a phone call that appears to be coming from Union Bank, hang up immediately and call your local branch or our Customer Care Team at 800.753.4343.
Scammers are always finding new ways to exploit victims. These basic precautions can help keep you from becoming a victim of fraud:
- Never share financial or personal information (passwords, social security numbers, accounts, PINs, etc.)
- Do not answer or follow links in suspicious emails. These could be attempts to trick you into revealing private information.
- Change passwords regularly and never use a date of birth or social security number as your password.
- Make sure your internet shopping sites use proper security (see “about our security” for more information).
- Consider receiving electronic instead of printed statements to avoid mail fraud.
- Monitor your accounts frequently and call us immediately at 1.800.753.4343 if you notice any suspicious activity.
- Make sure your computer is protected with anti-virus and firewall software and that security updates/patches are done automatically.
- If traveling abroad, do not use a publicly available computer for Internet banking unless you are sure it has been properly secured. If you will be using your debit card, be sure to advise our Electronic Banking Department before you travel.
- Don’t share credit card numbers or other personal information unless you’re buying from a company you know and trust.
- Don’t do business with a company that won’t give its name, address and telephone number.
Union Bank will NEVER solicit your personal information via email, text message or telephone call. If you receive an email or text asking for personal information regarding passwords, accounts etc., simply delete it. If you receive a suspicious communication from us, please let us know immediately.
Preventing Fraud Tips PDF